[test last]

2025-11-11 20:04:49 +01:00
parent ea679762a1
commit 682da1f461


@@ -28,20 +28,21 @@
###! DOCKER COMPOSE FILE ###! DOCKER COMPOSE FILE
############ ############
# curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
# apk add --no-cache rust # apk add --no-cache rust
# pip install bitwarden-sdk # pip install bitwarden-sdk / cargo
# export BWS_ACCESS_TOKEN=<ACCESS_TOKEN_VALUE> # export BWS_ACCESS_TOKEN=<ACCESS_TOKEN_VALUE>
# database_password: "{{ lookup('bitwarden.secrets.lookup', '<SECRET_ID>') }}" # database_password: "{{ lookup('bitwarden.secrets.lookup', '<SECRET_ID>') }}"
#! ants - gouv # #! ants - gouv
- debug: # - debug:
msg: "{{ lookup('bitwarden.secrets.lookup', 'cc0c7222-858d-44be-86ab-e0534b6f34a9') }}" # msg: "{{ lookup('bitwarden.secrets.lookup', 'cc0c7222-858d-44be-86ab-e0534b6f34a9') }}"
delegate_to: localhost # delegate_to: localhost
environment: # environment:
BW_CLIENTID: "{{ bw_client_id }}" # BW_CLIENTID: "{{ bw_client_id }}"
BWS_ACCESS_TOKEN: "{{ bw_client_secret }}" # BWS_ACCESS_TOKEN: "{{ bw_client_secret }}"
BW_PASSWORD: "{{ bw_client_password }}" # BW_PASSWORD: "{{ bw_client_password }}"
# #! fin test # #! fin test
# - name: Check if bw is installed # - name: Check if bw is installed
# command: which bw # command: which bw
@@ -50,22 +51,23 @@
# delegate_to: localhost # delegate_to: localhost
# changed_when: false # changed_when: false
- name: Install Bitwarden CLI
ansible.builtin.command:
cmd: "{{ item }}"
delegate_to: localhost
loop:
- apk add --no-cache nodejs npm
- npm install -g @bitwarden/cli
- ansible.builtin.command: #! script
cmd: bw logout # - name: Install Bitwarden CLI
delegate_to: localhost # ansible.builtin.command:
ignore_errors: true # cmd: "{{ item }}"
# delegate_to: localhost
# loop:
# - apk add --no-cache nodejs npm
# - npm install -g @bitwarden/cli
# - ansible.builtin.command:
# cmd: bw logout
# delegate_to: localhost
# ignore_errors: true
- name: bitwarden token session - name: bitwarden token session
ansible.builtin.command: ansible.builtin.shell: "{{ item }}"
shell: "{{ item }}"
environment: environment:
BW_CLIENTID: "{{ bw_client_id }}" BW_CLIENTID: "{{ bw_client_id }}"
BW_CLIENTSECRET: "{{ bw_client_secret }}" BW_CLIENTSECRET: "{{ bw_client_secret }}"
@@ -77,38 +79,53 @@
delegate_to: localhost delegate_to: localhost
register: bw_session_result register: bw_session_result
- name: Return all secrets from a path - name: Get secret from Bitwarden
ansible.builtin.debug: "{{ bw_session_result }}" command:
argv:
- name: Set BW_SESSION as environment variable globally - bw
ansible.builtin.set_fact: - get
bw_session: "{{ bw_session_result.results[-1].stdout | trim }}" - password
- "Token full access gitea"
- --session
- "{{ bw_session }}"
delegate_to: localhost
register: gitea_token_result
no_log: true no_log: true
changed_when: false
- name: bitwarden token session - name: Return all secrets from a path
ansible.builtin.command: ansible.builtin.debug: "{{ gitea_token_result }}"
shell: bw unlock --passwordenv BW_PASSWORD --raw
environment:
BW_CLIENTID: "{{ bw_client_id }}"
BW_CLIENTSECRET: "{{ bw_client_secret }}"
BW_PASSWORD: "{{ bw_client_password }}"
delegate_to: localhost delegate_to: localhost
- name: Utiliser le lookup
ansible.builtin.debug:
msg: "{{ lookup('community.general.bitwarden', 'Token full access gitea', field='password', bw_session='{{ bw_session }}') }}"
environment:
BW_SESSION: "{{ bw_session }}"
delegate_to: localhost
# - name: Return all secrets from a path
# ansible.builtin.debug: "{{ bw_session }}"
- name: logout - name: logout
ansible.builtin.command: ansible.builtin.command:
cmd: bw logout cmd: bw logout
delegate_to: localhost delegate_to: localhost
# - name: Set BW_SESSION as environment variable globally
# ansible.builtin.set_fact:
# bw_session: "{{ bw_session_result.results[-1].stdout | trim }}"
# no_log: true
# - name: bitwarden token session
# ansible.builtin.command:
# shell: bw unlock --passwordenv BW_PASSWORD --raw
# environment:
# BW_CLIENTID: "{{ bw_client_id }}"
# BW_CLIENTSECRET: "{{ bw_client_secret }}"
# BW_PASSWORD: "{{ bw_client_password }}"
# delegate_to: localhost
# - name: Utiliser le lookup
# ansible.builtin.debug:
# msg: "{{ lookup('community.general.bitwarden', 'Token full access gitea', field='password', bw_session='{{ bw_session }}') }}"
# environment:
# BW_SESSION: "{{ bw_session }}"
# delegate_to: localhost
# # - name: Return all secrets from a path
# # ansible.builtin.debug: "{{ bw_session }}"
# - name: Return all secrets from a path # - name: Return all secrets from a path
# delegate_to: localhost # delegate_to: localhost
# ansible.builtin.debug: # ansible.builtin.debug:
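Review bot: In the third hunk, the new `Return all secrets from a path` task hands `{{ gitea_token_result }}` to `ansible.builtin.debug`, so the registered result of `bw get password` (including the Gitea token in `stdout`) is printed to the play output, which undoes the `no_log: true` on the `Get secret from Bitwarden` task just above it. Drop the debug task or limit it to a non-secret field, for example `ansible.builtin.debug:` with `var: gitea_token_result.rc`. On the same new task, `bw_session` appears to be undefined unless it is set elsewhere in the play, because the `set_fact` that derived it from `bw_session_result` is now commented out. Passing it as `--session` in `argv` also puts the session key on the command line, whereas `environment:` with `BW_SESSION: "{{ bw_session }}"` keeps it out of the process list. The `bitwarden token session` task in the second hunk continues outside the visible lines, so whether it sets `no_log` while carrying `BW_CLIENTSECRET` in its environment cannot be confirmed from here.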